8 changed files with 71 additions and 269 deletions
--- a/.gitignore
+++ b/.gitignore
@ -4,4 +4,4 @@ SOURCES/06-55-04
 SOURCES/06-5e-03
 SOURCES/microcode-20190918.tar.gz
 SOURCES/microcode-20191115.tar.gz
-SOURCES/microcode-20231009.tar.gz
+SOURCES/microcode-20230808.tar.gz
--- a/.microcode_ctl.metadata
+++ b/.microcode_ctl.metadata
@ -4,4 +4,4 @@ bcf2173cd3dd499c37defbc2533703cfa6ec2430 SOURCES/06-2d-07
 86c60ee7d5d0d7115a4962c1c61ceecb0fd3a95a SOURCES/06-5e-03
 bc20d6789e6614b9d9f88ee321ab82bed220f26f SOURCES/microcode-20190918.tar.gz
 774636f4d440623b0ee6a2dad65260e81208074d SOURCES/microcode-20191115.tar.gz
-bdbc8d6488cf197476253cb9bc50532cc76d91a1 SOURCES/microcode-20231009.tar.gz
+ab44d7e09a0fc141608725b2550e784aae4c9da8 SOURCES/microcode-20230808.tar.gz
--- a/SOURCES/0011-releasenote.md-add-stub-release-notes-for-microcode-.patch
+++ b/SOURCES/0011-releasenote.md-add-stub-release-notes-for-microcode-.patch
@ -1,62 +0,0 @@
-From f8d6bf8bd8f9ca011c9e0703ece03b2a128b263a Mon Sep 17 00:00:00 2001
-From: Eugene Syromiatnikov <esyr@redhat.com>
-Date: Mon, 6 Nov 2023 12:59:23 +0100
-Subject: [PATCH] releasenote.md: add stub release notes for microcode-20231009
-
-Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>
---
- releasenote.md | 40 ++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 40 insertions(+)
-
-diff --git a/releasenote.md b/releasenote.md
-index 429105c..050cfb4 100644
--- a/releasenote.md
-+++ b/releasenote.md
-@@ -1,4 +1,44 @@
- # Release Notes
-+## microcode-20231009
-+
-+### Purpose
-+
-+- Security updates for [INTEL-SA-00950](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html)
-+
-+- Update for functional issues.
-+
-+### New Platforms
-+
-+### Updated Platforms
-+
-+| Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
-+|:---------------|:---------|:------------|:---------|:---------|:---------
-+| ADL            | C0       | 06-97-02/07 | 0000002e | 00000032 | Core Gen12
-+| ADL            | C0       | 06-97-05/07 | 0000002e | 00000032 | Core Gen12
-+| ADL            | C0       | 06-bf-02/07 | 0000002e | 00000032 | Core Gen12
-+| ADL            | C0       | 06-bf-05/07 | 0000002e | 00000032 | Core Gen12
-+| ADL            | L0       | 06-9a-03/80 | 0000042c | 00000430 | Core Gen12
-+| ADL            | L0       | 06-9a-04/80 | 0000042c | 00000430 | Core Gen12
-+| ADL-N          | A0       | 06-be-00/11 | 00000011 | 00000012 | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
-+| AZB            | A0       | 06-9a-04/40 | 00000004 | 00000005 | Intel(R) Atom(R) C1100
-+| ICL-D          | B0       | 06-6c-01/10 | 01000230 | 01000268 | Xeon D-17xx, D-27xx
-+| ICL-U/Y        | D1       | 06-7e-05/80 | 000000bc | 000000c2 | Core Gen10 Mobile
-+| ICX-SP         | Dx/M1    | 06-6a-06/87 | 0d0003a5 | 0d0003b9 | Xeon Scalable Gen3
-+| RKL-S          | B0       | 06-a7-01/02 | 00000059 | 0000005d | Core Gen11
-+| RPL-H/P/PX 6+8 | J0       | 06-ba-02/e0 | 00004119 | 0000411c | Core Gen13
-+| RPL-S          | B0       | 06-b7-01/32 | 00000119 | 0000011d | Core Gen13
-+| RPL-U 2+8      | Q0       | 06-ba-03/e0 | 00004119 | 0000411c | Core Gen13
-+| SPR-HBM        | B1       | 06-8f-05/10 | 2c000271 | 2c000290 | Xeon Max
-+| SPR-HBM        | B3       | 06-8f-08/10 | 2c000271 | 2c000290 | Xeon Max
-+| SPR-SP         | E2       | 06-8f-05/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4
-+| SPR-SP         | E3       | 06-8f-06/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4
-+| SPR-SP         | E4/S2    | 06-8f-07/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4
-+| SPR-SP         | E5/S3    | 06-8f-08/87 | 2b0004b1 | 2b0004d0 | Xeon Scalable Gen4
-+| TGL            | B0/B1    | 06-8c-01/80 | 000000ac | 000000b4 | Core Gen11 Mobile
-+| TGL-H          | R0       | 06-8d-01/c2 | 00000046 | 0000004e | Core Gen11 Mobile
-+| TGL-R          | C0       | 06-8c-02/c2 | 0000002c | 00000034 | Core Gen11 Mobile
-+
-+
- ## [microcode-20230808](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230808)
- 
- ### Purpose
-- 
-2.13.6
-
--- a/SOURCES/06-8c-01_readme
+++ b/SOURCES/06-8c-01_readme
@ -16,7 +16,6 @@ microcode revisions in question are listed below:
 * 06-8c-01, revision 0xa6: fdcf89e3a15a20df8aeee215b78bf5d13d731044
 * 06-8c-01, revision 0xaa: cf84883f6b3184690c25ccade0b10fa839ac8657
 * 06-8c-01, revision 0xac: b9f342e564a0be372ed1f4709263bf811feb022a
- * 06-8c-01, revision 0xb4: 6596bb8696cde85538bb833d090f0b7a42d6ae14

 Please contact your system vendor for a BIOS/firmware update that contains
 the latest microcode version.  For the information regarding microcode versions
--- a/SOURCES/README.caveats
+++ b/SOURCES/README.caveats
@ -10,8 +10,8 @@ behaviour.

 General behaviour
 =================
-In RHEL 8 (as well as RHEL 7 before it), there are currently two main handlers
-for CPU microcode update:
+In RHEL 9 (as well as in RHEL 7 and RHEL 8 before it), there are currently
+two main handlers for CPU microcode update:
 * Early microcode update. It uses GenuineIntel.bin or AuthenticAMD.bin file
   placed at the beginning of an initramfs image
   (/boot/initramfs-KERNEL_VERSION.img, where "KERNEL_VERSION" is a kernel
@ -45,10 +45,10 @@ zero-filled.

 The early microcode is placed into initramfs image by the "dracut" script, which
 scans the aforementioned subdirectories of the configured list of firmware
-directories (by default, the list consists of two directories in RHEL 8,
+directories (by default, the list consists of two directories in RHEL 9,
 "/lib/firmware/updates" and "/lib/firmware").

-In RHEL 8, AMD CPU microcode is shipped as a part of the linux-firmware package,
+In RHEL 9, AMD CPU microcode is shipped as a part of the linux-firmware package,
 and Intel microcode is shipped as a part of the microcode_ctl package.

 The microcode_ctl package currently includes the following:
@ -613,7 +613,7 @@ Mitigation: microcode loading is disabled for the affected CPU model.

 Minimum versions of the kernel package that contain the aforementioned patch
 series:
- - Upstream/RHEL 8: 4.17.0
+ - Upstream/RHEL 8/RHEL 9: 4.17.0
 - RHEL 7.6 onwards:  3.10.0-894
 - RHEL 7.5:  3.10.0-862.6.1
 - RHEL 7.4:  3.10.0-693.35.1
@ -628,7 +628,7 @@ series:

 Early microcode load inside a virtual machine
 ---------------------------------------------
-RHEL 8 kernel supports performing microcode update during early boot stage
+RHEL 9 kernel supports performing microcode update during early boot stage
 from a cpio archive placed at the beginning of the initramfs image.  However,
 when an early microcode update is attempted inside some virtualised
 environments, that may result in unexpected system behaviour.
@ -643,7 +643,7 @@ Mitigation: early microcode loading is disabled for all CPU models on kernels
 without the fix.

 Minimum versions of the kernel package that contain the fix:
- - Upstream/RHEL 8: 4.10.0
+ - Upstream/RHEL 8/RHEL 9: 4.10.0
 - RHEL 7.6 onwards: 3.10.0-930
 - RHEL 7.5: 3.10.0-862.14.1
 - RHEL 7.4: 3.10.0-693.38.1
--- a/SOURCES/gen_provides.sh
+++ b/SOURCES/gen_provides.sh
@ -43,25 +43,43 @@ for f in $(grep -E '/intel-ucode.*/[0-9a-f][0-9a-f]-[0-9a-f][0-9a-f]-[0-9a-f][0-

 			# ext_sig, 12 bytes in size
 			IFS=' ' read cpuid pf_mask <<- EOF
-			$(hexdump -s "$skip" -n 8 \
-				-e '"" 1/4 "%08x " 1/4 "%u" "\n"' "$f")
+			$(dd if="$f" ibs=1 skip="$skip" count=8 status=none \
+				| xxd -e -g4 | xxd -r | hexdump -n 8 \
+				-e '"" 4/1 "%02x" " 0x" 4/1 "%02x" "\n"')
 			EOF
+			# Converting values from the constructed %#08x format
+			pf_mask="$((pf_mask))"

 			skip="$((skip + 12))"
 			ext_sig_pos="$((ext_sig_pos + 1))"
 		else
 			# Microcode header, 48 bytes, last 3 fields reserved
+			# cksum, ldrver are ignored
 			IFS=' ' read hdrver rev \
-			       date_y date_d date_m \
+			       date_m date_d date_y \
 			       cpuid cksum ldrver \
 			       pf_mask datasz totalsz <<- EOF
-			$(hexdump -s "$skip" -n 36 \
-				-e '"" 1/4 "%u " 1/4 "%#x " \
-			               1/2 "%04x " 1/1 "%02x " 1/1 "%02x " \
-				       1/4 "%08x " 1/4 "%x " 1/4 "%#x " \
-				       1/4 "%u " 1/4 "%u " 1/4 "%u" "\n"' "$f")
+			$(dd if="$f" ibs=1 skip="$skip" count=36 status=none \
+				| xxd -e -g4 | xxd -r | hexdump -n 36 \
+				-e '"0x" 4/1 "%02x" " 0x" 4/1 "%02x" " " \
+			               1/1 "%02x " 1/1 "%02x " 2/1 "%02x" " " \
+				       4/1 "%02x" " 0x" 4/1 "%02x" " 0x" 4/1 "%02x" \
+				       " 0x" 4/1 "%x" \
+				       " 0x" 4/1 "%02x" " 0x" 4/1 "%02x" "\n"')
 			EOF

+			# Converting values from the constructed %#08x format
+			rev="$(printf '%#x' "$((rev))")"
+			pf_mask="$((pf_mask))"
+			datasz="$((datasz))"
+			totalsz="$((totalsz))"
+
+			# Skipping files with unexpected hdrver value
+			[ 1 = "$((hdrver))" ] || {
+				echo "$f+$skip@$file_sz: incorrect hdrver $((hdrver))" >&2
+				break
+			}
+
 			[ 0 != "$datasz" ] || datasz=2000
 			[ 0 != "$totalsz" ] || totalsz=2048

@ -80,9 +98,12 @@ for f in $(grep -E '/intel-ucode.*/[0-9a-f][0-9a-f]-[0-9a-f][0-9a-f]-[0-9a-f][0-
 				# ext_sig table header, 20 bytes in size,
 				# last 3 fields are reserved.
 				IFS=' ' read ext_sig_cnt  <<- EOF
-				$(hexdump -s "$skip" -n 4 \
-					-e '"" 1/4 "%u" "\n"' "$f")
+				$(dd if="$f" ibs=1 skip="$skip" count=4 status=none \
+					| xxd -e -g4 | hexdump -n 4 \
+					-e '"0x" 4/1 "%02x" "\n"')
 				EOF
+				# Converting values from the constructed format
+				ext_sig_cnt="$((ext_sig_cnt))"

 				skip="$((skip + 20))"
 			else
--- a/SOURCES/gen_updates2.py
+++ b/SOURCES/gen_updates2.py
@ -144,7 +144,7 @@ def read_revs_dir(path, args, src=None, ret=None):
                offs = 0
                while offs < sz:
                    f.seek(offs, os.SEEK_SET)
-                    hdr = struct.unpack("IiIIIIIIIIII", f.read(48))
+                    hdr = struct.unpack("<IiIIIIIIIIII", f.read(48))
                    ret.append({"path": rp, "src": src or path,
                                "cpuid": hdr[3], "pf": hdr[6], "rev": hdr[1],
                                "date": hdr[2], "offs": offs, "cksum": hdr[4],
@ -152,7 +152,7 @@ def read_revs_dir(path, args, src=None, ret=None):

                    if hdr[8] and hdr[8] - hdr[7] > 48:
                        f.seek(hdr[7], os.SEEK_CUR)
-                        ext_tbl = struct.unpack("IIIII", f.read(20))
+                        ext_tbl = struct.unpack("<IIIII", f.read(20))
                        log_status("Found %u extended signatures for %s:%#x" %
                                   (ext_tbl[0], rp, offs), level=1)

@ -160,7 +160,7 @@ def read_revs_dir(path, args, src=None, ret=None):
                        ext_sig_cnt = 0
                        while cur_offs < offs + hdr[8] \
                                and ext_sig_cnt <= ext_tbl[0]:
-                            ext_sig = struct.unpack("III", f.read(12))
+                            ext_sig = struct.unpack("<III", f.read(12))
                            ignore = args.ignore_ext_dups and \
                                (ext_sig[0] == hdr[3])
                            if not ignore:
--- a/SPECS/microcode_ctl.spec
+++ b/SPECS/microcode_ctl.spec
@ -1,5 +1,4 @@
-%define intel_ucode_version 20231009
-%global debug_package %{nil}
+%define intel_ucode_version 20230808

 %define caveat_dir %{_datarootdir}/microcode_ctl/ucode_with_caveats
 %define microcode_ctl_libexec %{_libexecdir}/microcode_ctl
@ -12,13 +11,12 @@

 Summary:        CPU microcode updates for Intel x86 processors
 Name:           microcode_ctl
-Version:        20230808
-Release:        2.%{intel_ucode_version}.1%{?dist}
+Version:        %{intel_ucode_version}
+Release:        2%{?dist}
 Epoch:          4
 License:        CC0 and Redistributable, no modification permitted
 URL:            https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
-#Source0:        https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/microcode-%{intel_ucode_version}.tar.gz
-Source0:        microcode-%{intel_ucode_version}.tar.gz
+Source0:        https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/microcode-%{intel_ucode_version}.tar.gz

 # (Pre-MDS) revision 0x714 of 06-2d-07 microcode
 Source2:        https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/raw/microcode-20190514/intel-ucode/06-2d-07
@ -133,12 +131,13 @@ Patch0007: 0007-releasenote.md-add-missing-06-ba-03-e0-to-the-new-mi.patch
 Patch0008: 0008-releasenote.md-remove-the-duplicating-06-9e-0c-22-re.patch
 Patch0009: 0009-releasenote.md-fix-old-revisions-for-06-8e-09-10-and.patch
 Patch0010: 0010-releasenote.md-add-old-revisions-for-06-be-00-11-06-.patch
-Patch0011: 0011-releasenote.md-add-stub-release-notes-for-microcode-.patch

-ExclusiveArch:  %{ix86} x86_64
+BuildArch:      noarch
 BuildRequires:  systemd-units
-# hexdump is used in gen_provides.sh
-BuildRequires:  coreutils util-linux
+# dd, hexdump, and xxd are used in gen_provides.sh
+BuildRequires:  coreutils util-linux /usr/bin/xxd
+# gen_updates2.py requires python interpreter
+BuildRequires:  /usr/bin/python3
 Requires:       coreutils
 Requires(post): systemd coreutils
 Requires(preun): systemd coreutils
@ -171,7 +170,6 @@ is no longer used for microcode upload and, as a result, no longer provided.
 %patch0008 -p1
 %patch0009 -p1
 %patch0010 -p1
-%patch0011 -p1

 %build
 # remove bogus *_DUPLICATE files with older microcode revisions
@ -338,7 +336,7 @@ install -m 644 "%{SOURCE182}" "%{tgl_inst_dir}/disclaimer"
 # SUMMARY.intel-ucode generation
 # It is to be done only after file population, so, it is here,
 # at the end of the install stage
-/usr/libexec/platform-python "%{SOURCE1002}" -C "%{SOURCE1001}" \
+/usr/bin/python3 "%{SOURCE1002}" -C "%{SOURCE1001}" \
 	summary -A "%{buildroot}" \
 	> "%{buildroot}/%{_pkgdocdir}/SUMMARY.intel-ucode"

@ -572,168 +570,14 @@ rm -rf %{buildroot}


 %changelog
-* Wed Nov 01 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230808-2.20231009.1
- Update Intel CPU microcode to microcode-20231009 release, addresses
-  CVE-2023-23583 (RHEL-3684):
-  - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
-    intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xac up to 0xb4;
-  - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5
-    up to 0xd0003b9;
-  - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230
-    up to 0x1000268;
-  - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc
-    up to 0xc2;
-  - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x2c up
-    to 0x34;
-  - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x46 up
-    to 0x4e;
-  - Update of 06-8f-04/0x10 microcode from revision 0x2c000271 up to
-    0x2c000290;
-  - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode from revision
-    0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
-    intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
-    intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) from
-    revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
-    intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
-    intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
-    intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
-    intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from
-    revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
-    intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision
-    0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004b1
-    up to 0x2b0004d0;
-  - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from
-    revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
-    intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
-    intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
-    intel-ucode/06-8f-05) from revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
-    intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from
-    revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
-    intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
-    intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
-    intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-06/0x10 microcode from revision 0x2c000271 up to
-    0x2c000290;
-  - Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004b1
-    up to 0x2b0004d0;
-  - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
-    intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
-    intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
-    intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
-    intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
-    intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
-    intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
-    0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
-    intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
-    revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
-    intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
-    intel-ucode/06-8f-08) from revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
-    intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
-    revision 0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
-    intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
-    intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
-    0x2c000271 up to 0x2c000290;
-  - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
-    0x2b0004b1 up to 0x2b0004d0;
-  - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
-    0x2e up to 0x32;
-  - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
-    intel-ucode/06-97-02) from revision 0x2e up to 0x32;
-  - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
-    from revision 0x2e up to 0x32;
-  - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
-    from revision 0x2e up to 0x32;
-  - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
-    intel-ucode/06-97-05) from revision 0x2e up to 0x32;
-  - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x2e
-    up to 0x32;
-  - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
-    from revision 0x2e up to 0x32;
-  - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
-    from revision 0x2e up to 0x32;
-  - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
-    0x42c up to 0x430;
-  - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
-    intel-ucode/06-9a-03) from revision 0x42c up to 0x430;
-  - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
-    intel-ucode/06-9a-04) from revision 0x42c up to 0x430;
-  - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x42c
-    up to 0x430;
-  - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x4 up
-    to 0x5;
-  - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x59 up
-    to 0x5d;
-  - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x119 up
-    to 0x11d;
-  - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
-    0x4119 up to 0x411c;
-  - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
-    intel-ucode/06-ba-02) from revision 0x4119 up to 0x411c;
-  - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
-    intel-ucode/06-ba-03) from revision 0x4119 up to 0x411c;
-  - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4119
-    up to 0x411c;
-  - Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x11 up
-    to 0x12;
-  - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
-    intel-ucode/06-bf-02) from revision 0x2e up to 0x32;
-  - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
-    intel-ucode/06-bf-02) from revision 0x2e up to 0x32;
-  - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x2e up
-    to 0x32;
-  - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
-    from revision 0x2e up to 0x32;
-  - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
-    intel-ucode/06-bf-05) from revision 0x2e up to 0x32;
-  - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
-    intel-ucode/06-bf-05) from revision 0x2e up to 0x32;
-  - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
-    from revision 0x2e up to 0x32;
-  - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x2e up
-    to 0x32.
-
 * Tue Aug 22 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230808-2
 - Add support for the new, more correct, variant of dracut's default
  $fw_dir path in dracut_99microcode_ctl-fw_dir_override_module_init.sh.

 * Thu Aug 10 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230808-1
 - Update Intel CPU microcode to microcode-20230808 release, addresses
-  CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2213125, #2223993, #2230678,
-  #2230690):
+  CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2213124, #2223992, #2230677,
+  #2230689):
  - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
    intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006f05 up
    to 0x2007006;
@ -933,7 +777,7 @@ rm -rf %{buildroot}
    to 0x11 (old pf 0x1).

 * Mon Aug 07 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230516-1
- Update Intel CPU microcode to microcode-20230516 release (#2213125):
+- Update Intel CPU microcode to microcode-20230516 release (#2213124):
  - Addition of 06-be-00/0x01 (ADL-N A0) microcode at revision 0x10;
  - Addition of 06-9a-04/0x40 (AZB A0) microcode at revision 0x4;
  - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
@ -1106,19 +950,19 @@ rm -rf %{buildroot}

 * Tue Aug 01 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-4
 - Avoid spurious find failures due to calls on directories that may not exist
-  (#2231065).
+  (#2225681).

 * Wed Jun 28 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-3
 - Force locale to C in check_caveats, reload_microcode, and update_ucode
-  (#2218096).
+  (#2218104).

 * Tue Jun 06 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-2
- Cleanup the dangling symlinks in update_ucode (#2135376).
+- Cleanup the dangling symlinks in update_ucode (#2213022).

 * Wed Feb 15 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-1
 - Update Intel CPU microcode to microcode-20230214 release, addresses
-  CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090 (#2171234,
-  #2171259):
+  CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090 (#2171237,
+  #2171262):
  - Addition of 06-6c-01/0x10 (ICL-D B0) microcode at revision 0x1000211;
  - Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision
    0x2b000181;
@ -1294,11 +1138,11 @@ rm -rf %{buildroot}

 * Tue Oct 25 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-2
 - Change the logger severity level to warning to align with the kmsg one
-  (#2136224).
+  (#2136506).

 * Tue Aug 09 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-1
 - Update Intel CPU microcode to microcode-20220510 release, addresses
-  CVE-2022-21233 (#2115667):
+  CVE-2022-21233 (#2115663):
  - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
    intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006d05 up
    to 0x2006e05;
@ -1361,7 +1205,8 @@ rm -rf %{buildroot}

 * Tue May 10 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220510-1
 - Update Intel CPU microcode to microcode-20220510 release, addresses
-  CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151 (#2086743):
+  CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151 (#2090248,
+  #2090261, #2086751, #2040069):
  - Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f;
  - Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
    intel-ucode/06-97-02) at revision 0x1f;
@ -1484,13 +1329,8 @@ rm -rf %{buildroot}
    to 0x53.

 * Thu Feb 10 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220207-1
- Update Intel CPU microcode to microcode-20220207 release:
-  - Fixes in releasenote.md file.
-
-* Mon Feb 07 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220204-1
- Update Intel CPU microcode to microcode-20220204 release, addresses
-  CVE-2021-0127, CVE-2021-0145, and CVE-2021-33120 (#1971906, #2049543,
-  #2049554, #2049571):
+- Update Intel CPU microcode to microcode-20220207 release, addresses
+  CVE-2021-0127, CVE-2021-0145, and CVE-2021-33120 (#2053253):
  - Removal of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f;
  - Removal of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04)
    at revision 0xb00000f;
@ -1594,6 +1434,10 @@ rm -rf %{buildroot}
  - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x40 up
    to 0x50.

+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 4:20210608-2
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
 * Mon Jul 05 2021 Eugene Syromiatnikov <esyr@redhat.com> - 4:20210608-1
 - Update Intel CPU microcode to microcode-20210608 release (#1921773):
  - Fixes in releasenote.md file.